Mind the Gaps with Penetration Testing
Penetration Testing, or a pentest for short, is a simulated cyber-attack against your systems using actual hacking tools and techniques. If we defeat your security measures, congratulations — we found your weaknesses before the bad guys did. And we’ll be right by your side with remediation guidance.
Ready to learn more about penetration testing? Contact us and let's talk.
Why Perform Penetration Testing?
Organizations use Penetration Testing for a variety of reasons. Often it’s to fine-tune their security devices, uncover vulnerabilities that they didn’t know they had, or simply test the effectiveness of their blue teams. Companies that need to justify budget increases also use a pentest to prove that it is possible to breach their defenses and capture potentially damaging information. Once Raxis findings are written clearly in a report, it is easier to make a case for increased spending in cybersecurity.
Penetration test findings can sometimes create a bit of work to remediate, but we’ll help by demonstrating step-by-step what we did and documenting how to fix it. If we could breach your perimeter and gain access to your network, then it’s certainly possible for a malicious attacker to do the same. Unfortunately that may mean reworking your cybersecurity processes. Other times, it means a complete overhaul of your security program. Either way, you'll go in knowing the strategic value of corrective actions. We may share some virtual high-fives among ourselves, but the real victory is yours. You will have uncovered hidden risks, taken corrective actions, and become better prepared for the real-world threats coming your way.
Uncover Hidden Risk
If there's an obscure security vulnerability in your system, you can rest assured a malicious hacker will eventually find it. Raxis engineers use the same tools and techniques that the bad guys do, and we'll help you stay one step ahead.
Strengthen Security Posture
You're following cybersecurity best practices, but how do you know you've covered everything? Using the perspective of an outsider, we'll take a close look to be sure.
Pentesting Reduces Exposure Time
According to IBM, it takes an average of 277 days to identify and contain a data breach. The average cost of a data breach is $4.35 million. A Raxis penetration test can detect potential points of entry before it's too late.
Adhere to Regulatory Compliance Requirements
Penetration testing is an essential component of several regulatory compliance frameworks, including PCI, HIPAA, GLBA, SOC 2, ISO 27001 and many others.
Protect your Brand
Building customer confidence takes years of effort, and customers want to know that you're staying secure. Penetration testing, and the resulting attestation letter, is a great way to show that your operation is doing everything it can to keep their data safe.
What Type of Penetration Test?
None of our tests are a fancy vulnerability scan. Raxis penetration testers are career professionals who don’t stop with identifying weak points located by a scanning tool. Raxis will actively work to exploit vulnerabilities and attempt to gain unauthorized access to your network.
At your discretion, Raxis will continue into your network and exfiltrate a sample of data.
External Network Penetration Test
A popular choice for customers with an internet presence. We’ll take a close look at your internet-facing systems (including cloud-hosted) and use our hacking skills in an attempt to safely breach your network perimeter. This is not a vulnerability scan, as our penetration testers will attempt to breach your perimeter, pivot to other opportunities, exfiltrate critical data, obtain and crack password hashes, and demonstrate how a foothold would be maintained.
Internal Network Penetration Test
The internal network pentest is a popular choice among larger organizations as it simulates the impact of a malicious insider. Raxis examines your corporate network closely for vulnerabilities ranging from unpatched software to system misconfigurations. We support all types of internal networks, including Virtual Private Cloud (VPC) solutions. If hashes are obtained, a password crack attempt using our hashcat GPU cluster is performed for a password analysis.
Web Application Penetration Test
Our diverse team draws from a well of experience to find application flaws in websites and application services that could allow hackers to attack your business. The application, its database and runtime platforms, API calls, and input/output parameters are specifically targeted to provide a holistic assessment of your security posture. All exploits are thoroughly documented in the report with additional guidance for management and technical leadership.
Wireless / Wi-Fi Penetration Test
Wireless penetration testing is critical to perform, and many organizations skip this area with the assumption it is secure since they are using WPA2. However, misconfigurations and weak passwords are far more prevalent than expected due to the large number of access points that are needed to power a sizable network. To help you become more secure, Raxis wireless penetration testing dives deep into the wireless environment using the same attack tools that malicious hackers use today.
Mobile Application Penetration Test
Using a combination of emulators and dedicated hardware, Raxis puts your mobile application to the test on both the Android and iOS platforms. Similar to the Web Application assessment in workflow, the mobile assessment adds an emphasis on device security, platform configuration, mobile API elements, credential management, and data compartmentalization. In most cases, we will use our own jailbroken devices for testing.
API Penetration Test
APIs come in many flavors but often are plagued by similar vulnerabilities. Using blended attack techniques, Raxis scrutinizes each API call for anomalies through direct interaction and by manually manipulating application data in flight with advanced testing tools. Potential insertion points are thoroughly tested and verified with a focus on session management, data integrity, and parameter fuzzing.
Internet of Things & Embedded Systems Penetration Test
Internet of Things (IoT) and Embedded Systems are more prevalent in our connected world than ever before. We’ve tested cable modems, physical access controls, surveillance cameras, and more. These embedded devices power our IoT-connected world and, unfortunately, often contain vulnerabilities. Maybe it's due to a proprietary network stack or because they’re running outdated code, or maybe the design gaps reflect a lack of industry standards. Maybe all of the above. No matter the reason, we've exploited devices and embedded controllers even as their designers have said it was impossible.
Operational Technology Penetration Test
Raxis Operational Technology (OT) penetration testers are experienced in all types of controllers, including SCADA systems used by power generation, logistics, water treatment, oil platforms, and transportation. We’ve flown all over the world and even undergone HUET safety training. As the PLC, RTU, HMI, and other systems are often forgotten while deployed in the field, security gaps are prevalent at all levels. Finding the vulnerabilities is usually the hardest part of the battle, and our process doesn't leave any stone unturned. We perform OT penetration testing both onsite and remotely using Transporter to securely interface with the private side of the network.
What’s the difference between a Pentest and a Vulnerability Scan?
Professional hacker, manual testing, and screenshots
A Raxis Penetration Test is a much more thorough, manual procedure that requires highly specialized talent, years of expertise, self-compiled tools, and a bit of creativity to accomplish correctly. A pentest uncovers security risks that the vulnerability scan simply can’t see: for example, a nested critical vulnerability that is hidden behind a moderate exposure or a business logic error that the scanner didn’t realize provided critical access. It’s not about getting a clean report - you want us to find ways into your network. Once you know how we breached your perimeter, you can close those gaps and significantly reduce your chances of being hacked by a real malicious actor.
Software checks, automated report
A vulnerability scan, or vuln scan for short, is a security assessment conducted using a software tool to test defined targets, and the output provided is an automated report. Vuln scans can be run by almost anyone with technical knowledge and are often used to meet regulatory requirements or ensure that security controls are performing as expected. There’s nothing wrong with vulnerability scans; they certainly have a use and are often performed by our customers right before a penetration test to help prepare. However, vuln scans (and their mislabeled “discount pentest” counterparts) are not the same as a penetration test. Companies who misrepresent a vulnerability scan as a pentest are looking for customers that simply want to “check-the-box” and move on. They just want a clean report, but this is very short-sighted.
Penetration Testing FAQ
Why does Raxis ask for information about my network and systems before scoping my pentest?
Each company has a different network landscape and different goals for their pentest. Raxis works with your team directly to be sure that your quote covers what you need while working within your budget.
What does it mean for a pentest to be in a timebox?
While malicious hackers may have all the time in the world to attempt to break into your systems, our tests are scoped for a certain amount of pentesting hours -- the timebox. Our engagement ends with a report that clearly explains what Raxis accomplished during the time of your test and what you can do to make your environment more secure against a malicious hacker attempting the same things.
How often should I perform a pentest?
This often depends on your industry and the specific needs of your company, but Raxis recommends at least an annual pentest. If a zero-day hack is released after your annual pentest, your pentesting team won't attempt it on your systems until your next pentest, so some companies with high-risk data and assets perform multiple pentests in the same year. Note that Raxis' PTaaS offering provides the best of both worlds with one annual pentest and continuous monitoring throughout the year.
Is there a benefit to changing pentest companies?
While we sometimes work with companies that follow this philosophy, we believe it is flawed. The idea is that different pentesters all have different backgrounds and different strengths, but not all pentesting companies are the same. Raxis pentesters have strong backgrounds and certifications, and they are always working together to learn and share current knowledge about new vulnerabilities and exploits. Not all of our competitors can say the same. We recommend that companies find a trusted pentesting company, such as Raxis, and trust them to perform strong tests year after year.
Is penetration testing even legal? Do you ever break the law?
We do not break the law. Our contracts spell out what we are and aren’t allowed to do. For example, we will never damage or destroy our customers’ property. What we will do is demonstrate how a real hacker could — and show our customers so that they can take steps to prevent it. Even if most company employees don’t know what is going on, leadership does and has agreed to it.
Are there rules that pentesters follow?
Yes, and it’s all about system uptime and data integrity. Unlike the bad guys, our penetration tests stop short of real damage, and we always obscure the data we take for proof of access. We also stay within any parameters set by the customer, but we always push to the edge of that envelope.
My application is cloud hosted. How can you penetration test a platform that is hosted in the cloud or by a third party?
Once scoped, we work directly with cloud providers to inform them of our activities. Raxis has completed numerous tests on Amazon AWS/EC2, Microsoft Azure, Google Cloud, Rackspace, and VMware cloud. We’ve worked with content delivery front ends such as Cloudflare and Akamai as well. No matter what the tech stack is, Raxis will find the best method possible for your pentest.
Why do you download and crack password hashes?
Unless otherwise requested, we crack passwords to determine the strength of the password policy and effectiveness of enforcement. We also may re-use passwords to pivot to other systems, which often results in a larger simulated data breach. Raxis uses high-strength encryption to protect the hash data both at rest and in motion. Once our password cracking is completed, we securely delete the password hashes and provide you with a summary including password strength, complexity, and analysis in a redacted pentest report.
Why use the Raxis team for your Pentest?
The Raxis Penetration Testing team is second to none at pinpointing real world security risks by using the same tools and techniques as a malicious attacker. We’re all in the United States (with many of us based in Atlanta), most of us have at least 10 years of experience, and pentesting is our primary expertise. With so many technology defenses prevalent today, a pentester must understand every aspect of security and the latest techniques to bypass those many controls. The Raxis crew never stops learning the latest exploits, and we have a ton of fun sharing our knowledge. We don’t do checkbox security, and we never will.
Raxis Penetration Testing Specifications
- Powered by Raxis One, a secure web interface for all Raxis services
- Fully capable of working with cloud providers and content delivery networks such as Amazon AWS, Microsoft Azure, Google Cloud, Cloudflare, Akamai, hybrid cloud, and SaaS solutions
- Raxis utilizes the same tools and techniques as a blackhat hacker
- Predictable timeline for the assessment
- Exploitation, pivoting to other in-scope systems, and data exfiltration in scope
- Executive debrief conference provided, if desired
- Remote internal network access option available via Raxis Transporter
- Optional re-test to validate remediation
- May be combined with Social Engineering for a customized solution
- All Raxis tests are based on the MITRE ATT&CK penetration testing framework
- Meets or exceeds requirements for NIST 800-53, NIST 800-171/CMMC, PCI, HIPAA, GLBA, ISO 27001, and SOX compliance
- Available as a one-time service, multi-year agreement, or continuous monitoring/Penetration Testing as a Service